
  • help in Spring security (Roo 1.0.2)

    Hi !!!
    I'm new to Roo (and the whole Spring universe).
    In my project I need "ADMIN" to be able to use "Create" and "list", and "USER" just "list".
    I can't just hide the link, because "USER" can access "Create" using the Create URL.

    I use "<sec:authorize access="hasRole('ROLE_ADMIN')">" in menu.jspx, but this just hides the link to Create; if I use the URL I can access Create.


    Can anybody help me?

    My ApplicationContext-security.xml:

    Code:
    <?xml version="1.0" encoding="UTF-8"?>
    
    <beans:beans xmlns="http://www.springframework.org/schema/security"
    	xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    	xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schem...-beans-3.0.xsd
                            http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.xsd">
    
    	<!-- HTTP security configurations -->
    	<http auto-config="true" use-expressions="true"
    		access-denied-page="/app/accessDenied">
    		<form-login login-processing-url="/static/j_spring_security_check"
    			login-page="/login" authentication-failure-url="/login?login_error=t" />
    		<logout logout-url="/static/j_spring_security_logout" />
    
    		<!-- Configure these elements to secure URIs in your application -->
    		<intercept-url pattern="/album/**" access="hasRole('ROLE_ADMIN')" />
    		<intercept-url pattern="/alias**" access="hasRole('ROLE_ADMIN')" />
    		<intercept-url pattern="/artist/**" access="hasRole('ROLE_ADMIN')" />
    		<intercept-url pattern="/brand/**" access="hasRole('ROLE_ADMIN')" />
    		<intercept-url pattern="/carrier/**" access="hasRole('ROLE_ADMIN')" />
    		<intercept-url pattern="/category/**" access="hasRole('ROLE_ADMIN')" />
    		<intercept-url pattern="/device/**" access="hasRole('ROLE_ADMIN')" />
    		<intercept-url pattern="/deviceconfig/**" access="hasRole('ROLE_ADMIN')" />
    		<intercept-url pattern="/frontend/**" access="hasRole('ROLE_ADMIN')" />
    		<intercept-url pattern="/frontendgroup/**" access="hasRole('ROLE_ADMIN')" />
    		<intercept-url pattern="/frontendinfo/**" access="hasRole('ROLE_ADMIN')" />
    		<intercept-url pattern="/genre/**" access="hasRole('ROLE_ADMIN')" />
    		<intercept-url pattern="/internaluser/**" access="hasRole('ROLE_ADMIN')" />
    		<intercept-url pattern="/manufacturer/**" access="hasRole('ROLE_ADMIN')" />
    		<intercept-url pattern="/media/**" access="hasRole('ROLE_ADMIN')" />
    		<intercept-url pattern="/mediadata/**" access="hasRole('ROLE_ADMIN')" />
    		<intercept-url pattern="/mediainputformat/**" access="hasRole('ROLE_ADMIN')" />
    		<intercept-url pattern="/mediainputinstance/**" access="hasRole('ROLE_ADMIN')" />
    		<intercept-url pattern="/mediametadata/**" access="hasRole('ROLE_ADMIN')" />
    		<intercept-url pattern="/mediaoutputformat/**" access="hasRole('ROLE_ADMIN')" />
    		<intercept-url pattern="/mediaoutputinstance/**" access="hasRole('ROLE_ADMIN')" />
    		<intercept-url pattern="/mediastatistics/**" access="hasRole('ROLE_ADMIN')" />
    		<intercept-url pattern="/mediatype/**" access="hasRole('ROLE_ADMIN')" />
    		<intercept-url pattern="/ordertype/**" access="hasRole('ROLE_ADMIN')" />
    		<intercept-url pattern="/owner/**" access="hasRole('ROLE_ADMIN')" />
    		<intercept-url pattern="/price/**" access="hasRole('ROLE_ADMIN')" />
    		<intercept-url pattern="/pricegroup/**" access="hasRole('ROLE_ADMIN')" />
    		<intercept-url pattern="/pricerule/**" access="hasRole('ROLE_ADMIN')" />
    		<intercept-url pattern="/pricetag/**" access="hasRole('ROLE_ADMIN')" />
    		<intercept-url pattern="/region/**" access="hasRole('ROLE_ADMIN')" />
    		<intercept-url pattern="/subscriptionoffer/**" access="hasRole('ROLE_ADMIN')" />
    		<intercept-url pattern="/subscriptionservice/**" access="hasRole('ROLE_ADMIN')" />
    		<intercept-url pattern="/tac/**" access="hasRole('ROLE_ADMIN')" />
    		<intercept-url pattern="/theme/**" access="hasRole('ROLE_ADMIN')" />
    		<intercept-url pattern="/useragent/**" access="hasRole('ROLE_ADMIN')" />
    		<intercept-url pattern="/vipuser/**" access="hasRole('ROLE_ADMIN')" />
    
    		<intercept-url pattern="/**" access="permitAll" />
    	</http>
    
    	<!--	 Configure Authentication mechanism-->
    	<authentication-manager alias="authenticationManager">
    		<!--
    			SHA-256 values can be produced using 'echo -n your_desired_password |
    			sha256sum' (using normal *nix environments)
    		-->
    
    		<authentication-provider>
    			<password-encoder hash="sha-256" />
    			<jdbc-user-service data-source-ref="dataSource"
    				authorities-by-username-query="select username,authority from users where username=?" />
    
    		</authentication-provider>
    	</authentication-manager>
    
    </beans:beans>
    Sorry for my English ^^ I can't speak it very well eheheheh

  • #2
    <=d

    Problem resolved!!!!!
    Every passing day I love Spring Roo more!!
    mauehauheauhe
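
One way to express the rule from the question at the URL level (ADMIN may create, USER may only list), shown for the album entity. This is an added example, not the poster's fix, which the thread does not state; it assumes the Roo-generated controller serves the create form at GET /album/form, edit forms at GET /album/{id}/form, and handles create, update and delete as POST, PUT and DELETE under /album.

```xml
<!-- Added example: replaces the single /album/** rule in the posted <http> block.
     The URL layout is an assumption; confirm it against the @RequestMapping
     values in the generated controller before relying on these patterns. -->
<http auto-config="true" use-expressions="true"
	access-denied-page="/app/accessDenied">
	<form-login login-processing-url="/static/j_spring_security_check"
		login-page="/login" authentication-failure-url="/login?login_error=t" />
	<logout logout-url="/static/j_spring_security_logout" />

	<!-- The first matching rule wins, so the narrow ADMIN-only GET rules
	     are listed before the broad GET rule that admits ROLE_USER.
	     Every album rule names its HTTP method so that the ordering is
	     unambiguous. -->

	<!-- Create form and edit forms (assumed paths) -->
	<intercept-url pattern="/album/form" method="GET"
		access="hasRole('ROLE_ADMIN')" />
	<intercept-url pattern="/album/*/form" method="GET"
		access="hasRole('ROLE_ADMIN')" />

	<!-- Remaining GETs under /album are reads (list, show): both roles -->
	<intercept-url pattern="/album/**" method="GET"
		access="hasAnyRole('ROLE_ADMIN','ROLE_USER')" />

	<!-- State-changing requests: create, update, delete -->
	<intercept-url pattern="/album/**" method="POST"
		access="hasRole('ROLE_ADMIN')" />
	<intercept-url pattern="/album/**" method="PUT"
		access="hasRole('ROLE_ADMIN')" />
	<intercept-url pattern="/album/**" method="DELETE"
		access="hasRole('ROLE_ADMIN')" />

	<!-- Any other method on /album is refused rather than falling
	     through to the permitAll catch-all below -->
	<intercept-url pattern="/album/**" access="denyAll" />

	<intercept-url pattern="/**" access="permitAll" />
</http>
```

With rules like these, the `sec:authorize` tag in the menu only controls what is displayed; the `intercept-url` rules are what reject a direct request to the Create URL.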
